Host Your Application in the Cloud with XAMPP and Bitnami

If you’re a developer used to developing and testing applications locally, moving your code to the cloud can be a bit daunting. First, you have to choose a cloud from the numerous options availabe. Then, you need to deal with the nitty-gritties of pricing, provisioning, application deployment, scalability and security. And finally, you need to keep track of server performance, debug application issues and find ways to cost-efficiently improve performance.

Wish you had someone to hold your hand through the process? Read my detailed Apache Friends tutorials, which walk you through the process of hosting a PHP application in the cloud with Bitnami. In these tutorials, I describe how to use the Bitnami LAMP Stack to simply and efficiently create and provision a cloud server, then transfer your PHP application to it and monitor its performance.

The tutorial covers these these popular cloud hosts:

Take a look…you’ll be surprised by how easy it actually is!

Integrating PHP Web Applications with JCR and Magnolia CMS

I first came across PHPCR through my work with Magnolia CMS, an open source Java CMS. Magnolia CMS uses the Java Content Repository (JSR-283) as its content storage mechanism and PHPCR is a PHP adaptation of that standard. It’s great for storing semi-structured content in a hierarchical format and it also includes support for content versioning and indexing.

The cool thing about PHPCR is that it lets PHP developers interact with content stored in a JCR-compliant content repository using PHP objects and APIs…no Java knowledge needed. This means that you could save data to a JCR repository using a Java application, then read or modify that data using PHP, simplifying data reuse and interoperability between applications running on different platforms.

Read more in my tutorial on integrating PHP applications with Magnolia CMS. It discusses a number of common use cases, including reading and writing content to a JCR repository and integrating a PHP front-end with a Java application via the JCR.

Build and Deploy a Mobile-Friendly Calorie Counter on IBM Bluemix with PHP, MySQL, AngularJS and the Nutritionix API

The Nutritionix API is an online API which lets you access a massive database of nutrition information, covering both generic and branded food items. I came across it recently when looking for something else, and was promptly diverted from my original goal into trying it out.

While playing with it, it occurred to me that this could be the basis of a very neat little application to track calorie consumption. Ideally, it needed to work on a mobile device so that it would be at hand at meal-times, and be simple, interactive and easy to use. After a little thought, I had my requirements and design down, so I went ahead and built it.

Check out the video below to see it in action:

For the user interface, I used jQuery Mobile and AngularJS (something I’ve been itching to play with for a while). On the server, I used Slim, a PHP micro-framework, to connect with the Nutritionix API. The application is deployed on IBM Bluemix, which is also responsible for providing a MySQL service instance for account and meal record storage.

Although I’ve used the PHP/MySQL combination on IBM Bluemix before, this application gave me an opportunity to try something new: email send-outs. If you’re developing locally, or on a system you have administrative privileges for, it’s easy enough to configure a mail server to handle outgoing email traffic, then use PHP’s mail() function to do the deed. On a PaaS service, this isn’t quite as easy…but Bluemix’s SendGrid service provides a viable solution if you’re willing to experiment a bit.

For the full story, read my IBM developerWorks article…and then, don’t forget to try the demo app.

Build and Deploy a REST API on IBM Bluemix with PHP and MySQL

I’ve been experimenting with IBM Bluemix for some time now and a few weeks ago, I decided to try hosting a custom REST API with it. I built the API using Bullet, a PHP micro-framework, then deployed it to Bluemix and connected it with Bluemix’s MySQL service. It worked out pretty well…as you can see by trying this live demo.

In case you’re interested in learning how I went about building this, you can read all about it in this IBM developerWorks article. In this article, I explain how to implement the four basic REST methods using Bullet, then add support for API authentication and multiformat support, and finally deploy the API to Bluemix. Take a look, then download the API source and see what you think!

Configure URL Rewriting for Framework-Based PHP Applications on IBM Bluemix

A few weeks ago, I was introduced to Bluemix, IBM’s new cloud infrastructure platform for developers. With a bunch of pre-configured runtimes for Java, Node.js and Ruby, plus MongoDB, MySQL and various other database services, BlueMix provides a platform for quick app development and deployment.

Bluemix is currently in beta and doesn’t support PHP (yet) but I found a blog post which suggested it was possible using the Zend Server PHP buildpack. However, on trying it, I came across a problem: my Web application (built with Slim Framework) needed URL rewriting for its custom routes to work, but I couldn’t find a way to edit the nginx configuration file included with the Zend Server PHP buildpack. The search for an alternative led me (via Q&A in this thread) to the Cloud Foundry PHP buildpack, which solved my problem.

In case you’re looking to run a PHP application on Bluemix and you need URL rewriting (or other server-level modifications to configuration), here are the steps I followed:

1. Use the application manifest to load the Cloud Foundry PHP buildpack.
The application manifest file manifest.yml tells the Cloud Foundry CLI how to deploy the application, including which buildpack to use. Here’s what I used.

myapp/manifest.yml

---
applications:
- name: my-slim-php-app
memory: 256M
instances: 1
host: my-slim-php-app
buildpack: https://github.com/dmikusa-pivotal/cf-php-build-pack.git

2. Override default buildpack settings with your custom configuration.
The best thing about the Cloud Foundry PHP buildpack is that it lets you override default httpd, nginx and PHP configuration settings with your own. All you need to do is add a .bp-config/ directory to your application’s root, then add an options.json file with buildpack configuration variables.

By default, the buildpack will install Apache as the Web server. To use nginx instead, I made some changes.

myapp/.bp-config/options.json

{
  "WEB_SERVER": "nginx"
}

The buildpack also lets you custom-configure Apache, nginx or PHP, simply by adding your custom configuration files within a httpd/, nginx/ or php/ sub-directory. By combining the URL rewriting instructions in Slim’s documentation with the existing nginx defaults, I generated the following overrides.

myapp/.bp-config/server-defaults.conf

        listen @{VCAP_APP_PORT};
        server_name _;

        fastcgi_temp_path @{TMPDIR}/nginx_fastcgi 1 2;
        client_body_temp_path @{TMPDIR}/nginx_client_body 1 2;
        proxy_temp_path @{TMPDIR}/nginx_proxy 1 2;

        real_ip_header x-forwarded-for;
        set_real_ip_from 10.0.0.0/8;
        real_ip_recursive on;

        # ?$args or ?$query_string at the end of the next line
        # tells nginx to forward query arguments
        try_files $uri /index.php?$query_string;

myapp/.bp-config/server-locations.conf

        # Some basic cache-control for static files to be sent to the browser
        location ~* \.(?:ico|css|js|gif|jpeg|jpg|png)$ {
            expires max;
            add_header Pragma public;
            add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        }

        # Deny hidden files (.htaccess, .htpasswd, .DS_Store).
        location ~ /\. {
            deny all;
            access_log off;
            log_not_found off;
        }

        # modified from Slim documentation
        # pass *.php to the fastcgi process  
        location ~ .*\.php$ {
            try_files $uri =404;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_pass php_fpm;
        }

3. Push your application code to Bluemix.

shell> cf api https://api.ng.bluemix.net
shell> cf login
shell> cf push

That’s pretty much all there is to it. You should now be able to access your Slim routes without any problems. These settings should also work (with minor changes) for other framework-based PHP applications, including those written with BulletPHP, Zend Framework and Agavi.

If you prefer Apache, this thread explains how to set up the necessary URL rewriting rules for Apache. If you don’t have a Bluemix account, you can request one here.

Improve Web Application Security with Zend Framework 2

I’ve been working with Zend Framework 2 for a while now, trying to learn it and map its concepts to those from Zend Framework 1. One of the things that hasn’t changed is the framework’s support for security – it still has a bunch of useful components which let you protect your PHP application from SQL injection, XSS, CSRF, spam, and brute-force password hacking.

You don’t need to be using Zend Framework either – the framework is loosely coupled, so you can use the components on a standalone basis. If you’re not familiar with framework-based development, this gives you all the benefits of components like Zend\InputFilter and Zend\Escaper without the additional overhead and learning curve.

Read more in my IBM developerWorks article on web application security and find out how to harden your application against bad input, XSS vectors, bots and spam. Code examples are included for both framework and standalone usage.

Create a Mobile-Friendly To-Do List App with PHP, jQuery Mobile and Google Tasks

I’ve been waiting to try out jQuery Mobile for a while and a few weeks ago, I finally got the chance. I hooked jQuery Mobile up with the Google Tasks API and built a simple to-do list application that works on tablet and smartphone browsers.

The application exposes most of the basic functionality of Google Tasks, allowing you to add new to-do lists, create tasks, attach due dates and mark tasks as complete.

To control the interaction between the jQuery Mobile front-end and the Tasks API, my tool of choice was Slim, a PHP micro-framework that I’ve used before (slides, article). I also used Google’s own OAuth PHP Client, which makes it significantly easier to handle authentication (bonus: it provides some nice pre-packaged functionality for working with the Tasks API as well).

Read all about it in my IBM developerWorks article, watch a video showing the application in action, or get the code from JazzHub.

Authentication and Access Control with Sentry 2 (part 2)

As promised, IBM developerWorks has now published the second part of my article on Sentry 2. In this concluding segment, I dive into the Sentry 2 permission model, explaining how to create groups, assign users and permissions to them, and use permission checks to selectively enable application functions.

Also on the menu: find out how to harden your application with login throttling and temporary user deactivation, and integrate Sentry 2 with third-party authentication services like Google and Twitter.

Read the full article.

Authentication and Access Control with Sentry 2 (part 1)

If you build Web applications, there are a few things you can’t dodge coding: a user registration workflow, a password reset workflow, a login and logout system, and so on. Since these workflows aren’t likely to change much from one project to another, why not package them all up in a set of classes and use the time you save on something more constructive (blowing up some Protoss bases, maybe?)

That’s the idea behind Sentry 2, which gives you a head start on your next PHP project by providing a framework for authentication and access control. For code and details, take a look at the first part of my IBM developerWorks article on Sentry 2 (part 2 will be published in a few weeks).

Use Doctrine 2.3 with PHP and Zend Framework

IBM developerWorks has just published my article on using Doctrine 2.3 with the Zend Framework.

Doctrine is a well-known PHP Object-Relational Mapping (ORM) tool for querying and manipulating database content by using objects. It can be integrated with Zend Framework to inject database content into a PHP Web application. The article discusses how to create Doctrine entities and load and use them within Zend Framework 1.x and 2.x action controllers.

Readers of my book “Zend Framework: A Beginner’s Guide” will find this article very useful, as it provides updated steps for getting Doctrine and Zend Framework playing nice with each other.

Read the full article here.